Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/JUWcBBikgmbqMXwsOXAyZ2CWc4Y.roa
File: JUWcBBikgmbqMXwsOXAyZ2CWc4Y.roa (raw, json)
Hash identifier: M7E6ywtCcvNZ1OSJ2u9/DqjHMTLCOhLEuB3bum1kBz0=
Subject key identifier: 25:45:9C:04:18:A4:82:66:EA:31:7C:2C:39:70:32:67:60:96:73:86
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 01968925B00A051084B85B74FF3437720841
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/JUWcBBikgmbqMXwsOXAyZ2CWc4Y.roa
Signing time: Thu 01 May 2025 00:01:10 +0000
ROA not before: Thu 01 May 2025 00:01:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36832
IP address blocks: 2a0f:b244:600::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.mft
rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 03:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:89:25:b0:0a:05:10:84:b8:5b:74:ff:34:37:72:08:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: May 1 00:01:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25459c0418a48266ea317c2c3970326760967386
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:d5:02:50:7d:a0:12:93:29:8d:dc:48:48:77:
2c:07:f3:69:a4:6e:26:66:5c:ba:6b:a2:6d:41:d5:
b5:0f:34:a4:7a:fb:74:35:ef:78:58:e2:2a:50:2f:
58:80:59:88:09:7b:c1:a7:2e:ac:31:03:27:34:a9:
7d:c6:c0:f0:1b:0e:de:20:c6:6c:e1:4e:29:9c:90:
c7:95:2a:03:e5:b5:88:58:99:1a:c5:dd:91:e8:27:
2c:27:c2:6e:35:81:03:9e:1c:9c:e8:a3:ca:e7:06:
f4:d3:70:97:c4:64:ee:6b:f3:26:41:3b:48:56:f7:
af:e1:f8:1b:ec:79:1d:39:bf:ef:ae:d1:ec:a7:2a:
5e:08:9b:27:f8:2a:55:d3:45:92:ff:09:93:a0:82:
3c:42:76:b1:70:d1:7c:2b:3d:d8:cc:44:f8:c2:64:
3c:93:f8:3e:49:d9:a8:7e:f3:33:8a:44:f6:d4:18:
41:83:77:3d:88:28:78:39:45:25:f8:90:1a:ad:40:
90:c8:f3:0d:c9:3e:cc:aa:e2:8a:d7:07:91:a4:79:
d3:e7:5c:c1:cc:e1:31:4e:e4:f7:a8:94:4c:7f:2a:
3d:5a:59:b1:fc:13:4d:00:35:f2:f0:5c:07:a3:fc:
73:ec:fa:58:52:1f:f8:2e:c3:fa:25:c0:61:f6:86:
50:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:45:9C:04:18:A4:82:66:EA:31:7C:2C:39:70:32:67:60:96:73:86
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/JUWcBBikgmbqMXwsOXAyZ2CWc4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b244:600::/40
Signature Algorithm: sha256WithRSAEncryption
77:85:e6:58:df:5e:ab:43:71:e0:77:d5:58:f5:f8:bd:5b:94:
5d:88:c9:96:c1:63:a0:a7:72:1a:0d:f9:98:07:5e:fb:f5:70:
10:47:06:d9:78:bf:a5:f9:5e:23:c1:08:63:a5:99:a9:41:c4:
e2:be:c2:a9:f9:46:6e:1c:ca:79:e8:f9:35:54:5d:fd:40:25:
2c:b3:f9:16:ab:1a:05:2e:7c:6b:fb:83:9a:d9:3b:c5:05:11:
b9:69:3b:38:2f:ac:44:b8:f0:c2:ce:c8:5f:4f:76:3d:dc:04:
1a:f2:0a:f8:23:f6:da:99:5e:ef:9d:3a:fa:00:45:03:09:65:
c9:78:bf:8d:c3:37:35:9d:f3:f8:a4:30:7d:db:21:58:30:3c:
2e:80:a9:c4:be:85:83:ab:e8:c1:71:c1:84:85:ec:9b:ff:09:
93:ba:dc:49:6a:d7:60:3e:5d:1f:d6:59:5c:0b:e5:e7:44:63:
a0:b3:ea:3e:12:a1:4f:2e:90:af:91:fe:68:e1:cb:8f:de:6c:
db:7a:84:52:3a:51:eb:59:d7:61:73:b9:5f:b8:fe:d2:1f:51:
b1:f2:33:ea:57:55:48:ed:2e:28:c2:62:6f:27:a7:6f:cb:f5:
b9:e4:07:9e:51:26:68:66:ba:e3:c0:77:0b:ea:21:7d:e2:64:
64:33:a2:2e
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZaJJbAKBRCEuFt0/zQ3cghBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjUwNTAxMDAwMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTQ1OWMwNDE4YTQ4MjY2ZWEzMTdjMmMzOTcwMzI2NzYwOTY3Mzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4tUCUH2gEpMpjdxISHcsB/NppG4m
Zly6a6JtQdW1DzSkevt0Ne94WOIqUC9YgFmICXvBpy6sMQMnNKl9xsDwGw7eIMZs
4U4pnJDHlSoD5bWIWJkaxd2R6CcsJ8JuNYEDnhyc6KPK5wb003CXxGTua/MmQTtI
Vvev4fgb7HkdOb/vrtHspypeCJsn+CpV00WS/wmToII8QnaxcNF8Kz3YzET4wmQ8
k/g+SdmofvMzikT21BhBg3c9iCh4OUUl+JAarUCQyPMNyT7MquKK1weRpHnT51zB
zOExTuT3qJRMfyo9Wlmx/BNNADXy8FwHo/xz7PpYUh/4LsP6JcBh9oZQdwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCVFnAQYpIJm6jF8LDlwMmdglnOGMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvSlVXY0JCaWtnbWJxTVh3c09YQXlaMkNXYzRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg+yRAYw
DQYJKoZIhvcNAQELBQADggEBAHeF5ljfXqtDceB31Vj1+L1blF2IyZbBY6CnchoN
+ZgHXvv1cBBHBtl4v6X5XiPBCGOlmalBxOK+wqn5Rm4cynno+TVUXf1AJSyz+Rar
GgUufGv7g5rZO8UFEblpOzgvrES48MLOyF9Pdj3cBBryCvgj9tqZXu+dOvoARQMJ
Zcl4v43DNzWd8/ikMH3bIVgwPC6AqcS+hYOr6MFxwYSF7Jv/CZO63Elq12A+XR/W
WVwL5edEY6Cz6j4SoU8ukK+R/mjhy4/ebNt6hFI6UetZ12FzuV+4/tIfUbHyM+pX
VUjtLijCYm8np2/L9bnkB55RJmhmuuPAdwvqIX3iZGQzoi4=
-----END CERTIFICATE-----
Generated at Thu May 8 13:04:17 2025 by rpki-client